Hi guys i have some confusion in some concepts. i understand that kratos its in charge of users account and manage them, but if , for example, i want to create a tour app and there will be a Tour guide user that will have permission to modify tours travels and so on, and there will be normal user that only can see the tour info but not modify that, and a admin user for example. what i dont really know if this is what is kratos is for? and i dont know also how the users create by kratos connect and make sense in the app context. This doubt arise becouse im following plenty of tutorials to create a go api or app, and all of this start designing the users object in order to create them in a DB. So im struggling if, with kratos, i have to omit this part becouse kratos its in charge to all of this and i only worry about the other part of the app. like the tours service and their data objects for example(i want to understand also how the users create by kratos will interact with the tour service). i hope that this make sense jeje i know that its not a very define question. in overall i understand how an api works but im lacking in the data side of the app. So any advice or resource i would help a lot, any guidance will help a lot. love from chile guys ❤️

if, with kratos, i have to omit this part becouse kratos its in charge to all of this

Hello @stocky-microphone-2210 you got it right, Ory Kratos would take care of all the “user management” stuff, so designing what your identity / user looks like, handling saving all identity data to the DB, all self-service flows (login, signup etc.) I recommend trying out this quickstart: https://www.ory.sh/docs/getting-started/integrate-auth/go

a Tour guide user that will have permission to modify tours travels and so on, and there will be normal user that only can see the tour info but not modify that, and a admin user for example.

This is a good usecase for Ory Permissions (Ory Keto is the respective self-hosted project): https://www.ory.sh/docs/keto/ I am working on updating / writing a simple RBAC guide for user/admin. You can mix and match, so you can also use a different solution for permissions/authZ, or you can use the Ory services together to cover everything authN/authZ related in your application.

oh now im getting it. thanks a lot